Unrated severityNVD Advisory· Published Mar 2, 2023· Updated Jan 16, 2025

SAUTER Controls Nova 200–220 Series Cleartext Transmission of Sensitive Information

CVE-2023-0053

Description

SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac version 4.2.1 and prior have only FTP and Telnet available for device management. Any sensitive information communicated through these protocols, such as credentials, is sent in cleartext. An attacker could obtain sensitive information such as user credentials to gain access to the system.

Affected products

Sauter Controls/Modunet300 (ey Am300f001, Ey Am300f002)v5
Range: Firmware all versions
Sauter Controls/Nova 230 (eyk230f001) Ddc With Bacnet Connectionv5
Range: Firmware all versions

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.cisa.gov/uscert/ics/advisories/icsa-23-012-05mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000